]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dc48b1b) | patch
ima: prevent unnecessary policy checking
authorDmitry Kasatkin <d.kasatkin@samsung.com>
Thu, 27 Mar 2014 08:54:11 +0000 (10:54 +0200)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Thu, 12 Jun 2014 21:58:06 +0000 (17:58 -0400)
commit20a380aa8e9570fedce7c6057b5354fc7c787587
tree2f9f2a00683176e02fee1acd59db3705a9228f35tree | snapshot
parentdc48b1bdfc32fdc5a0ef2d06f73513618f1d2fb5commit | diff
ima: prevent unnecessary policy checking

ima_rdwr_violation_check is called for every file openning.
The function checks the policy even when violation condition
is not met. It causes unnecessary policy checking.

This patch does policy checking only if violation condition is met.

Changelog:
- check writecount is greater than zero (Mimi)

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
security/integrity/ima/ima_main.c diff | blob | history
Linux Kernel Source Tree.